General
-
Target
26b854c54f03979383afd1c570f91d742a14e5e21a574d0f8cab1660892e4c18
-
Size
4.0MB
-
Sample
221130-qv9hwahb2z
-
MD5
872ed550b5f4112ea978e8963ee6affe
-
SHA1
5ac70b36e6ed2e3eff6114111227604f94786f36
-
SHA256
26b854c54f03979383afd1c570f91d742a14e5e21a574d0f8cab1660892e4c18
-
SHA512
bb1829f1fc0d797333ae6619a87a315213719d21db6da759399bc295142e21d0792ad3d21f1b0540d2762464fcdad5e9f416884b8eecb3f7e7bd0e38c5fbd3d5
-
SSDEEP
98304:/FF7+wetaG3Uk/4biwU7CkZhUPVQOi1ZmwnoZzzsOp+UGLMV1I:fI3r4WwU7dyVFmmjJsOp+p
Static task
static1
Malware Config
Targets
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-